SSL Certificate update commande line

  • Hi everybody!

    I'm looking for the command line that may let me import ssl certificate without using the GUI:

    At the moment my Firewall generate my SSL certificate. I already have a working script running on OMV to import this certificate and put it everywhere i need it to be (dockers mainyl)

    I dont want to struggle changing the ssl cerificate used by OMV services (as omv web GUI, nginx) every 3 month :-)

    i see 2 options:

    1: theres an OMV command line to import certificates using whatever format, create the UUID as documantation want it, restart the web GUI

    2: I import the certificate as the existing UUID (overwriting the existanting SSL certificates)

    Thanks in advance for your help!

  • Here is a method to update an existing cert:

    Get the UUID for an existing cert with:
    sudo omv-confdbadm read "conf.system.certificate.ssl" | jq -r '.[] | "\(.uuid) \(.comment)"'

    Once you have that, the following script should update it in the database. You will just need to adjust the four variables at the top of the script.

    omv 6.0.8-1 Shaitan | 64 bit | 5.15 proxmox kernel | omvextrasorg 6.0.5 | kvm plugin 6.0.3 plugins source code and issue tracker - github

    Please read this before posting a question.
    Please don't PM for support... Too many PMs!

  • Thanks Ryecoaaron!

    Sorry but im getting an error:

    root@nas:~# sudo bash /root/
    /root/ ligne 3: /usr/share/openmediavault/scripts/helper-functions: Aucun fic hier ou dossier de ce type
    {"uuid":"xxxxxxxxxxxxxxxxxxxx","certificate":"-----BEGIN CERTIFICATE---------END CERTIFICATE-----","privatekey":"-----BEGIN RSA PRIVATE KEY--- ------END RSA PRIVATE KEY-----","comment":"let's encrypt ssl "}
    /root/ ligne 28: omv_exec_rpc : commande introuvable
    /root/ ligne 29: omv_exec_rpc : commande introuvable

    Am i doing something wrong?

    EDIT: Indeed working :Script encoding Format problem :-/

  • This script was just what I needed, thanks. Have now purged the old and somewhat unreliable letsencrypt plugin from my system and moved to using dehydrated for certificate requests.

  • Hey folks, been using a form of this script for some time. Recently upgraded to OMV5 and I think something broke and cannot figure out where it's not working. What's interesting is if I run this script and then check the info section of the cert via the WebGui, it seems like the cert has in fact been updated, but the browser is showing the old cert. Very odd.

    I was doing some amateur sleuthing and noted that this command doesn't seem to exist: omv_exec_rpc so I replaced these commands in my script with omv-rpc

    Here's my modified version of the script - if anyone can point me in a direction to troubleshoot I would appreciate it:

    If I turn on bash debugging in the script, I note that the following two commands output "null" after execution

    omv-rpc "Config" "applyChanges" "{\"modules\":[\"certificatemgmt\"],\"force\":false}"
    omv-rpc "Config" "applyChanges" "{\"modules\":[],\"force\":false}"

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!